i want to divide resources into multiple python file that been deployed in single stack and when deploy stack all file that have resources will be created without creating multiple stack [env] for multiple resources , any clue how to do this process , for example i have __main___.py , database.py , ecs.py that depend on __main___.py

Hey everyone I was exploring the sdk for Linode and wasn't able to figure out how to use the functions given in various classes like MongoDB database,also when I checked the implementation for the sdk I wasn't able to find out the implementation of the functions in the classes.Can anyone help me out?

i have a handful of resources that i have set up to ignore changes for certain properties. these are GCP resources where labels change behind the scenes and they're beyond my control. these ignored changes have worked fine up until recently, where some of these properties appear in diffs when i do

pulumi up

, despite having been ignored. does anyone know why this might be happening?

Is stack init a noop on an existing stack?

regarding: https://github.com/pulumi/pulumi-docker/releases/tag/v4.0.0 it now states:

Images no longer are built during preview, reducing preview time significantly

building the images during preview is a handy feature that <4.0.0 has.. We currently have developers who will manage their dockerfiles and when doing merge request kicks off pulumi preview.. this tests the full build process. With this version 4.0.0, it appears that now they won't know if something is not correct within their Dockerfile until its doing a pulumi up on a merge to main. Is this to be expected? Can we make this configurable option?

Can a product specialist from Pulumi DM me? I finally got the eyes and ears of the people who can bring Pulumi to my company but need to get a few questions answered to prove why we should use Pulumi over terraform

addonProfile: { traefik: { enabled: true, } }, Hi, when I create a Kubernetes AKS cluster using Pulummi typescript, how to enable traefik? whats the alternative to this option now?

Does any one have a link or overview of best practice of setting up application settings with WebAppSlots?

Hi folks.. Using AWS native, able to create OAI but unable to attach it to existing origins.. Anybody here who has worked on this and can help..

We have several AWS accounts, one per each environment(dev, stage, prod, and few more). We know that we can have many resources per account. In Terraform, we have a single git project per AWS account. The git project file structure is structured by region like us-east-1, us-west-1, etc. Inside each directories, we have files per type of resource. For example, anything related to a dns, changes must be done in route53dns.tf. If it's related to s3 bucket, all changes must go to s3.tf. This whole git project uses one state file and is located in an s3 bucket. That means, there are other s3 buckets for other terraform projects in other environments. I've been reading Pulumi for the past few days and it looks like the state in Pulumi is called stacks. Am I right that I should create 1 stack for all resources per one AWS account? I'm also interested in how you designed your file structure for different resources.

Is there a way to create template code for an existing project? I'm moving some prototypes from a jupyter notebook ... unless the answer (which isn't in the docs but is what I'll wind up doing this time) is "manually create the pulumi yaml file and

__main__.py

"

Hey pulumi community, experts and enthusiasts, has anyone used

pulumi

to manage

snowflake

resources who had experience of handling this following error:

error: 1 error occurred:
        * error creating warehouse err = 001423 (22023): SQL compilation error:
    invalid property 'QUERY_ACCELERATION_MAX_SCALE_FACTOR'; feature 'Query Acceleration Service' not enabled

I have a feeling that this is an edge case for the current

pulumi_snowflake

implementation. Am I wrong? @some-motherboard-44061

Hey guys, we resolved the above query by specifying

query_acceleration_max_scale_factor=0

in the

pulumi_snowflake.Warehouse

, thanks for your attention

I'm testing a code on getting an existing security group using the

.get

api/method from https://www.pulumi.com/registry/packages/aws/api-docs/ec2/securitygroup/ What is provider id? I'm currently on EC2 security group console specifically on the existing sg but I can't figure out what provider is.

Hi all, I am creating an instance using gcp.compute.InstanceFromMachineImage. When I make changes to the instance and run pulumi up, the instance gets replaced, but the attached and boot disks created with the previous instance are kept. How can I make it so this disks are also removed? I am trying to import the disks using this approach, so pulumi keeps track of them and deletes them in the following updates, but I can’t access the disks id’s.

I created an ec2 instance using this code. However, the value I assigned to resource_name wasn't added. It's showing blank on the EC2 console. What is missing in my code?

instance = aws.ec2.Instance(
    resource_name="my-ec2-instance",
    instance_type="t2.micro",
    ami="ami-11111111111111",
    vpc_security_group_ids=[existing_security_group.id],
)

I've added new codes, and want to add this resource to pulumi stack. How can I do this?

Any idea why these errors have started showing up?

E0315 11:04:26.372330   78521 log.go:84] GitHub rate limit exceeded, try again in 11m45.627707s. You can set GITHUB_TOKEN to make an authenticated request with a higher rate limit.

I don’t have experimental mode enabled and not aware of any GH communication that should be occurring at all.

I'm playing with this code and it works very well. However, that's just a very plain web server which is started in userdata. What I want to do is include the application which is behind a reverse proxy like Nginx. How do we include the files and directories of my application, nginx etc so it can be part of the ec2 build-deployment that will be deployed by

pulumi up

?

for az in aws.get_availability_zones().names:
    server = aws.ec2.Instance(
        f"web-server-{az}",
        instance_type="t2.micro",
        vpc_security_group_ids=[group.id],
        ami=ami.id,
        user_data="""#!/bin/bash
echo \"Hello, World -- from {}!\" > index.html
nohup python3 -m http.server 80 --bind 0.0.0.0 &
""".format(
            az
        ),
        tags={
            "Name": "web-server",
        },
    )
    ips.append(server.public_ip)
    hostnames.append(server.public_dns)

    attachment = aws.lb.TargetGroupAttachment(
        f"web-server-{az}",
        target_group_arn=target_group.arn,
        target_id=server.id,
        port=80,
    )

Is there a way to pass a namespace to

pulumi config set

? I named one of my projects "aws" and that turns out to conflict with the aws module, so I need to use a different namespace, which is fine. I can do that directly in the yaml file, but it would be convenient to be able to do that via the cli as well - but I don't see anything in the

--help

that says I can override that. (I am guessing I'll especially want to know that when I get to setting secrets in configs)

Wish me luck folks! I just told one of the developers teams that I will use Pulumi and that I will do my best to build a demo deployment using gitlab and that is deploying a new ALB for them and registering their existing ec2 instances.

Hi all, I was looking for something similar to terraform

replace_triggered_by

basically forcing the replacement of a particular ressource if another is replaced. Does anyone know if there is something like that in pulumi?

Hi, love pulumi but I could use some guidance with a project I am working on. I am trying to deploy AWS OpenSearch Serverless using typescript but Googling doesn't yield a lot of results. I keep running into encryption related errors when deploying to AWS. Anyone know if it's possible to deploy OpenSearch Serverless right now or can provide some insights/working examples?

// Create a new encryption policy
const analyticsEncryptionPolicy = new aws_native.opensearchserverless.SecurityPolicy("analytics-encryption-policy", {
  securityPolicyName: "analytics-encryption-policy",
  securityPolicyDescription: "Encryption policy for OpenSearch Serverless",
  keyId: "alias/aws/opensearchserverless",
  keyType: "AWS_OWNED_KEY",
  policy: JSON.stringify({
    accessType: "PUBLIC",
    Type: "Encryption",
    Rules: [
      {
        ResourceType: "*",
        Subject: {
          AWS: "*",
        },
        Effect: "Allow",
        Action: "*",
      },
    ],
  }),
});

// Create a serverless collection for OpenSearch
const elasticsearchServerless = new aws_native.opensearchserverless.Collection("collection", {
  name: "analytics-es-serverless",
  description: "Analytics OpenSearch Serverless Collection",
  collectionType: "TimeSeries",
  encryptionPolicies: [
    {
      securityPolicyName: analyticsEncryptionPolicy.securityPolicyName,
    }
  ],
  networkPolicy: {
    accessType: "PUBLIC",
    resourceType: ["COLLECTION", "DASHBOARD"],
    prefixCollectionNmae: "analytics",
  },
  dataPolicy: {
    policyName: "analytics-data-policy",
    rules: [
      {
        grantedResources: ["index/analytics/*"],
        resourceType: "INDEX",
        permissions: ["aoss:CreateIndex", "aoss:DeleteIndex", "aoss:UpdateIndex", "aoss:ReadIndex", "aossReadDocument", "aoss:WriteDocument"],
        principal: firehoseRole,
      }
    ],
  },
});

Hey!

pulumi stack init my-stack \
    --secrets-provider="<hashivault://payroll>"

Command above works fine when I set env variable

VAULT_TOKEN

. However, id does not work when

VAULT_TOKEN

is unset and instead I have token in my

~/.vault-token

. Is it possible to make pulumi work with

~/.vault-token

?

Hi! Not sure whether this is the right place to post this question. Anyways here it goes:

We are using

pulumi

to create kubernetes cluster and then use helm charts to deploy services...

I want take the exported values from Pulumi and use it helm chart without hard coding the values in helm chart's

values.yaml

.

Is this something possible... I understand that it's more of helm chart capability question then that of Pulumi. Any help would be appreciated.

Hey. Thanks for Pulumi, it's actually made cloud accessible for a front-end dev 🙂 I do struggle though with getting my IDE (WebStorm) to use Azure-native which contains a single TypeScript typing file that is 37MB (🤯). WebStorm ships with 20MB as default max-size for files. The problem is that it means there's no typings available for a large part of the resources, which is one of the main benefits I needed from Pulumi. I can raise the file size, but WebStorm and TypeScript basically slows to a crawl and eats up gigs of additional memory when I do. Any recommendations on how to solve this?